Details
-
Change Request
-
Resolution: Unresolved
-
Medium
-
Interoperable Digital Identity and Patient Matching (FHIR)
-
current
-
Patient Administration
-
Patient Matching
-
4.2
Description
In section 4.2, please clarify what "such queries" means in this requirement: "Individual Access (or if protected health information [PHI] or PII will be returned, other than to a Covered Entity in a Treatment, Payment, or Operations workflow) is outside the scope of this IG’s Patient Matching requirements. Instead, responders to such queries SHALL authenticate the individual before returning PHI or PII.":
- Is it patient match requests from HIT professionals?
- Is it any FHIR request besides patient match (since that is disallowed) from a patient?